Microsoft to End Sale of Azure AD B2B/B2C on May 1, 2025 – Shifting to Entra ID External Identities

|
Published

On May 1, 2025, Microsoft will stop selling Azure AD B2B and B2C. Here’s what that means for you. 

Azure AD B2B Guest Management Graphic


What is Changing on May 1, 2025? 

It’s more than a rebranding. Microsoft is moving customers from Azure AD B2B and B2C (which you may use today) to their next-gen CIAM platform: Microsoft Entra External ID

Starting May 1, new customers won’t be able to license Azure AD B2B/B2C. Existing customers can continue using it—likely through 2030. 

There are no immediate changes to features or service delivery for current users, but don’t expect new features to be added. Think of this like Microsoft retiring Windows 10 in favour of Windows 11: older systems still work, but all new machines ship with the latest. 

 

Why Is Microsoft Making This Change?  

The main reason is technical debt

Azure AD External Identities were built reactively—to meet emerging customer needs—but weren’t initially designed for long-term external identity management. Now, Microsoft needs a platform to scale, innovate, and compete with other modern solutions. 

This shift also simplifies branding, pricing, and use cases, which have previously confused customers. 


Understanding Azure AD vs Entra External IDs 

Entra is Microsoft’s new umbrella brand for identity services—think Coke. Entra External IDs is a sub-brand focused on external users—think Coke Zero. 

The move from Azure AD B2B/B2C to Entra External IDs is like switching from Diet Coke to Coke Zero: it serves a similar purpose but with a better experience. 

 

What Is Entra ID External Identities?

Microsoft Entra External ID is a modern cloud CIAM solution that lets external users—customers, contractors, citizens—sign in with various credentials (e.g. social logins, Microsoft accounts) and stay protected with modern security (passkeys, conditional access). 

It combines the strengths of Azure AD B2B and B2C in one unified platform.  


What Is Azure AD? 

Azure AD was Microsoft’s cloud identity platform. It managed users and granted access to Microsoft 365 and thousands of SaaS apps. It’s now called Microsoft Entra ID.


What is Azure AD B2B?

Azure AD B2B lets you invite external users into your tenant. They sign in using their unique identity providers (Microsoft, Google, etc.) but gain access to your resources—Teams, SharePoint, and more—based on your policies.  


What is Azure AD B2C?

Azure AD B2C enables public users to access apps and websites using familiar credentials (Google, Facebook, or custom logins). It was customizable and scalable for millions of users.


 Entra ID External Identities and B2B Direct Connect.jpg


What's the difference between Azure AD B2B, B2C, and Entra ID External Identities?

Some key differences affect users in no way, but will significantly impact developers and service providers.    

  • Developer Experience: B2B and B2C have different management portals and code bases, with B2C requiring XML policy files, which complicates development and management, especially in cases where companies need to use both. Entra External IDs has a unified management portal and codebase.    
  • Security features: Azure AD B2B/B2C has an older security feature set; Entra External ID adds passkeys, adaptive risk, phishing-resistant multifactor authentication, and modern token protection.    
  • Licensing: Azure B2B usage charges are calculated per guest, whereas B2C charges apply for each authentication. This distinction can lead to billing confusion and potential overcharges, especially when users are inactive. In contrast, Entra utilizes a Monthly Active User (MAU) model, providing the first 100,000 MAUs free of charge.


What is the History of Azure AD B2B & B2C?

Microsoft introduced Azure AD B2B to address the need for collaboration. In 2015, Microsoft started by rolling out Azure AD B2C, followed by Azure AD B2B in 2016 for B2B collaboration. However, the usage started to take off with the increasing use of Microsoft Teams during the 2020 pandemic. As companies expanded external collaboration and digital transformation started to drive more consumer services, the need to manage external identities in the cloud exploded.   

However, Azure AD B2B's default configuration is too open, which creates risks for companies using it. Similarly, enhanced security risks for consumers also drive a need for more advanced security protection.   

In 2023, the rebranding to Microsoft Entra began, and Azure AD became Microsoft Entra ID. External Identities was renamed Microsoft Entra External ID, with roadmap notifications of the planned combination.  

Entra External ID went to GA in September 2024, and an end-of-sale notice for Azure External IDs was posted in November 2024. 


Impact Analysis - Why Should I Care? 

Understanding how this affects current and future development projects, security, and cost is the biggest impact. 

Current Projects: You can still use Azure AD External IDs with the current pricing model without impacting service.    

Future Projects: Anything completed after May 1, 2025, must use Entra External IDs, with the new pricing structure.  If you have new projects coming online in the next few days, they should be deployed now. 

Innovation Freeze: Anything on the older stack will not receive any enhancements to identity management or authentication security.  

Hidden Support Clock: An end of support is looming, although the exact date is uncertain.  It could be 2/3 years or as long as 2030. 

Licensing model changes: The old per-authentication model (which benefits users and apps that are frequent daily users) will be replaced by a Monthly Active User model. Higher-churn sites might pay more under this model.    

Compliance Posture: Regulators and auditors are looking for more evolved authentication, such as phishing-resistant MFA and detailed logging for external tenants, which the new platform can meet.  


Guest Portal

Entra External ID vs Extranet User Manager?  

You may have noticed some crossover between Microsoft's offering and our Extranet User Manager (EUM) product. EUM is our product that helps organizations manage guest user access, providing greater control and security over critical documents.   

The best way to think about the two is this: Extranet User Manager is all about the user experience—providing them with an easy-to-use "front door" to the resources they want. Entra External ID is the doorman, checking to ensure that everyone wanting in is validated and goes to the right rooms.    

Extranet User Manager uses Entra External IDS in the backend to manage identities, but with an easy user management interface that business users can use to set up access portals and manage their users.   

A self-regulating body like a trade association might have thousands of external users who must participate in ongoing training and quarterly meetings and receive and submit documentation. Yes, a central IT administrator could use Entra External IDs directly to manage them. Still, EUM would allow committee management to do this themselves, saving everyone time but keeping everything more secure.  


Recommended Actions 

What should you do if this change impacts you?   

Inventory & classify all external‑user flows (B2B guest users, external organizations, B2C customer, APIs) 

Roadmap – understand what services currently use external identities or are planned to.    

Engage us – after you gather some information, we can help you understand the implications and build a plan to migrate from Azure AD Identities to Entra External Identities (if necessary).     


–FAQ  

“Will my current apps break on May 1, 2025?” → No.  

“What’s the cost difference?” → First 100 000 MAU free, then tiered; costs drop for most B2B guest scenarios.

“Is B2C dead?” → No—the same capabilities now live under Entra External ID.  

“How long do I have to migrate?” → No hard date yet, but history says 2‑3 years.

 

Closing & Call to Action 

The clock is ticking, and you've been informed. While you have some time to strategize for your existing applications, planning to use Entra External IDs for any new projects is essential. This may require utilizing two platforms until you complete the migration. However, planning will enhance security for your external partners and customers and simplify management for you. 

We're here to help. Contact us, and we will give you a free 30-minute readiness call and help you build a migration checklist.   

Latest Articles